Hello,
We've been using a bridged (TAP) setup for quite some time without issue - but given that we have 3 other routers that will soon be connected we know we're going to have an issue with all the wasted bandwidth and broadcast packets going everywhere. So we're converting to a routed solution - For the most part I've been able to get it going except for one issue.
Devices on the server end (Side A) cannot communicate with client devices (Side B). Pings and traceroutes never reach their destination. However, Side B can ping and tracert and access devices on Side A without issue. I would assume I'm missing a route statement but can't figure it out if that's the case.
Server Side:
LAN: 192.168.0.0/24
OpenVPN Tunnel: 10.0.0.0/24
Server Configuration:
# Automatically generated configuration
daemon
server 10.0.0.0 255.255.255.0
proto udp
port 1194
dev tun21
cipher BF-CBC
comp-lzo adaptive
keepalive 15 60
verb 3
push "route 192.168.0.0 255.255.255.0"
client-config-dir ccd
client-to-client
push "dhcp-option DNS 192.168.0.254"
tls-auth static.key 0
ca ca.crt
dh dh.pem
cert server.crt
key server.key
status-version 2
status status
Client Side
LAN: 192.168.3.0/24
ca /tmp/openvpncl/ca.crt
cert /tmp/openvpncl/client.crt
key /tmp/openvpncl/client.key
management 127.0.0.1 5001
management-log-cache 50
verb 4
mute 5
log-append /var/log/openvpncl
writepid /var/run/openvpncl.pid
client
resolv-retry infinite
nobind
persist-key
persist-tun
script-security 2
mtu-disc yes
dev tun1
proto udp
cipher bf-cbc
auth sha256
remote XXX.XXX.XXX.XXX 1194
tls-client
tun-mtu 1500
comp-lzo yes
ns-cert-type server
fast-io
tls-auth /tmp/openvpncl/ta.key 1
tls-cipher AES256-SHA
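
Added example, not part of the original post and not OpenVPN's own code: a Python check that reads a server config and its ccd files for the `route` and `iroute` directives OpenVPN requires before server-side hosts can reach a LAN behind a client in a routed (TUN) setup. The function names, the empty ccd directory and the `siteb` common name are assumptions; the server lines are the routing-relevant ones from the post.

```python
import ipaddress
import shlex

def directives(conf_text):
    """Yield each OpenVPN directive as a token list, skipping comment lines."""
    for line in conf_text.splitlines():
        line = line.strip()
        if line and line[0] not in "#;":
            yield shlex.split(line, comments=True)

def networks(conf_text, keyword):
    """Networks named by top-level `keyword <net> [mask]` lines (not pushed ones)."""
    nets = []
    for tok in directives(conf_text):
        if tok and tok[0] == keyword and len(tok) >= 2:
            mask = tok[2] if len(tok) > 2 else "255.255.255.255"
            nets.append(ipaddress.ip_network(f"{tok[1]}/{mask}", strict=False))
    return nets

def audit(server_conf, ccd_files, client_lan):
    """Return findings that keep server-side hosts from reaching client_lan."""
    lan = ipaddress.ip_network(client_lan)
    findings = []
    if not any(lan.subnet_of(n) for n in networks(server_conf, "route")):
        findings.append(f"server config: no 'route' covering {client_lan}")
    if not any(lan.subnet_of(n) for text in ccd_files.values()
               for n in networks(text, "iroute")):
        findings.append(f"ccd: no 'iroute' covering {client_lan}")
    return findings

# Routing-relevant lines of the posted server config; ccd contents are not
# shown in the post, so the directory is modelled as empty (assumption).
POSTED_SERVER = """\
# Automatically generated configuration
server 10.0.0.0 255.255.255.0
dev tun21
push "route 192.168.0.0 255.255.255.0"
client-config-dir ccd
client-to-client
"""
# Constructed variant: "siteb" is a hypothetical client certificate common name.
FIXED_SERVER = POSTED_SERVER + "route 192.168.3.0 255.255.255.0\n"
FIXED_CCD = {"siteb": "iroute 192.168.3.0 255.255.255.0\n"}

if __name__ == "__main__":
    for label, conf, ccd in (("posted", POSTED_SERVER, {}),
                             ("fixed", FIXED_SERVER, FIXED_CCD)):
        print(label, audit(conf, ccd, "192.168.3.0/24") or "ok")
```

The pushed `route 192.168.0.0` line only tells clients how to reach Side A; it is deliberately not counted as a server-side route.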